My Gallery was hacked My Gallery was hacked
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

My Gallery was hacked

Started by DotHunter, December 12, 2007, 10:22:59 AM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

Print
Go Down Pages1
User actions

DotHunter

December 12, 2007, 10:22:59 AM
Hello.
I have upgraded my galery and after that I uploaded files from cpg1414.zip (downloaded from this site).
Today I have seen that last night my site was hacked and I had +400 new comments like: learn chinese .... play warcraft....
I have to mention that Registered users can't post comments, just Advanced and Artists (I choose them). And now all this Advanced an Artists members does not exist any more in users list, just theirs pictures and comments, and Registered users have the right to post comments (that hacker did this).
How can I prevent this?
What is the file name and location of DB.

Please help me.
Thanks

www.galeria.amintiri.com

DotHunter

#1
December 12, 2007, 10:34:31 AM
I have his IP: 202.46.224.66
:)

Joachim Müller

#2
December 12, 2007, 06:39:28 PM
Quote from: DotHunter on December 12, 2007, 10:22:59 AM
How can I prevent this?
Scan for backdoors
Quote from: DotHunter on December 12, 2007, 10:22:59 AMWhat is the file name and location of DB.
The database is not a file, but a database

Infernal

#3
December 12, 2007, 10:17:12 PM
i really doubt this was done through coppermine

DotHunter

#4
December 13, 2007, 07:27:08 AM
Quote from: GauGau on December 12, 2007, 06:39:28 PM
Scan for backdoorsThe database is not a file, but a database

If you can be more specific it will may help me.
Scan for backdoors: on server or my pc? I scan my pc every day (adaware + spybot s&d)
The database is not a file, but a database.... Just tell me where to look, what folder?
Have a nice day

Joachim Müller

#5
December 13, 2007, 08:10:30 AM
Quote from: DotHunter on December 13, 2007, 07:27:08 AM
Just tell me where to look, what folder?
As the database is not a file, it does not reside in a folder, so I can't tell you the location. Your question simply doesn't apply. It's like asking "in what street does a wild animal live?" That answer to that question would be "wild animals don't live in towns with streets, so they don't have an address".
If you need to directly modify your database (which is not recommended for newbies), use a third party tool like phpMyAdmin.

Quote from: DotHunter on December 13, 2007, 07:27:08 AM
Scan for backdoors: on server or my pc? I scan my pc every day (adaware + spybot s&d)
The backdoor must reside on your server obviously, not on your PC. As you don't have the needed access permissions on your server to perform the scan there, you'll need to download all files on your server to your PC and then look for the backdoor in that copy on your PC. You can't use a virus scanner or an app like Spybot S&D for that purpose, since those apps don't scan for server backdoors. You'll have to do so manually, with your file manager and your brain. It is hard for newbies to do this, and I can't teach you the details, as this is way beyond the scope of what you can expect from free support. There have been similar discussions in other threads, please search the board.
Print
Go Up Pages1
User actions